I modified the WordPress component of the code so that it doesn’t check for the cryptographic signature for trackbacks, but instead makes sure that the remote host is the webserver for the site that it says it is. If that check passes, it also retrieves the page and verifies that it contains a link to your own blog.

Hi Brandon,
Nice work, and I download that latest code, find that the trackback/pingback are included also, so what’s you option about let trackback filtered by simple trackback validation plugin? Because that plugin has more customise to deal with trackback.

I included that option because the original purpose of my wordpress plugin was for comment validation for the general-purpose bcSpamBlock functions I wrote. I’m not sure what all the other options for Trackback/Pingback validation are. I saw that the ‘simple-trackback-validation’ plugin had more options, so users might prefer to use it instead of my plugin . It makes sense to at least include a configuration file options for those users.